Appln No. 09/688,452 
Amdt date April 12, 2004 

Reply to Office action of December 12, 2003 
Amendments to the Claims: 

This listing of claims will replace all prior versions, and 
listings, of claims in the application: 

Listing of Claims; 

1. (Currently Amended) A security system for securing 
data in a computer network comprising: 

a plurality of user terminals coupled to the computer 

network; 

a cryptographic device remote from the plurality of 
user terminals and coupled to the computer network, wherein the 
cryptographic device includes a computer executable code for 
authenticating one or more users and verifying that the 
authenticated user is authorized to assume a role, and wherein 
the cryptographic device is capable of performing value 
management functions for one or more users; and 

a plurality of security device transaction data for 
ensuring authenticity of the one or more users, wherein each 
security device transaction data is related to a u;jerj_ 

wherein the cryptographic device is not dedicated to 

particular user terminals . 

2. (Original) The system of claim 1, wherein the 
security device transaction data related to a user is loaded 
into the cryptographic device when the user requests to operate 
on a value bearing item. 
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3. (Original) The system of claim 1, wherein the assumed 
role includes one or more corresponding operations to be 
performed by the authenticated user. 

4. (Original) The system of claim 1, wherein the assumed 
role is a security officer role to initiate a key management 
function . 



5. (Original) The system of claim 1, wherein the assumed 
role is a key custodian role to take possession of shares of 
keys . 



6. (Original) The system of claim 1, wherein the assumed 
role is an administrator role to manage a user access control 
database . 

■ 7. (Original) The system of claim 1, wherein the assumed 
role is an auditor role to manage audit logs. 



8. (Original) The system of claim 1, wherein the assumed 
role is a provider role to withdraw from a user account. 

9. (Original) The system of claim 1, wherein the assumed 
role is a user role to operate on a VBI . 



10. (Original) The system of claim 1, wherein the assumed 
role is a certificate authority role to allow a public key 
certificate to be loaded and verified. 
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11. (Original) The system of claim 1, wherein the 
cryptographic device includes a state machine for determining a 
state corresponding to availability of one or more commands in 
conjunction with the role. 

12. (Original) The system of claim 1, wherein the 
cryptographic device is stateless. 

13. (Original) The system of claim 1, wherein the 
cryptographic device includes a computer executable code for 
preventing unauthorized modification of data. 

14. (Original) The system of claim 1, wherein the 
cryptographic device includes a computer executable code for 
ensuring the proper operation of cryptographic security and VBI 
related meter functions. 

15. (Original) The system of claim 1, wherein at least 
one of the user is an enterprise account. 

16. (Original) The system of claim 1, wherein the 
cryptographic device includes a computer executable code for 
supporting multiple concurrent users and maintaining a 
separation of roles and operations performed by each user. 

17. (Original) The system of claim 2, wherein the value 
bearing item is a mail piece. 
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18. (Previously Presented) The system of claim 17, 
wherein the mail piece comprises a digital signature. 

19. (Original) The system of claim 1, wherein the 
cryptographic device encrypts validation information according 
to a user request for printing a VBI. 

20. (Original) The system of claim 17, wherein the 
cryptographic device generates data sufficient to print a postal 
indicium in compliance with postal service regulation on the 
mail piece. 

21. (Original) The system of claim 2, wherein the value 
bearing item is a ticket. 

22. (Original) The system of claim 2, wherein a bar code 
is printed on the value bearing item. 

23. (Original) The system of claim 1, wherein each 
security device transaction data includes an ascending register 
value, a descending register value, a respective cryptographic 
device ID, an indicium key certificate serial number, a 
licensing ZIP code, a key token for an indicium signing key, 
user secrets, a key for encrypting user secrets, data and time 
of last transaction, last challenge received from a respective 
client subsystem, an operational state of the respective device, 
expiration dates for keys, and a passphrase repetition list. 
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24. (Original) The system of claim 1, wherein each 
security device transaction data includes a private key, a 
public • key, and a public key certificate, wherein the private 
key is used to sign device status responses and a VBI which, in 
conjunction with a public key certificate, demonstrates that the 
device and the VBI are authentic. 

25. (Original) The system of claim 1 further comprising 
at least one more cryptographic device remote from the plurality 
of user terminals coupled to the computer network, wherein the 
at least one more cryptographic device includes a computer 
executable code for authenticating any of the plurality of 
users . 

26. (Original) The system of claim 25, wherein the 
cryptographic device shares a secret with the at least one more 
cryptographic device . 

27. (Original) The system of claim 25, wherein one of the 
plurality of cryptographic devices is a master device and 
generates a master key set (MKS) . 

28. (Original) The system of claim 27, wherein the MKS 
includes a Master Encryption Key (MEK) used to encrypt keys when 
stored outside the device and a Master Authentication Key (MAK) 
used to compute a DES MAC for signing keys when stored outside 
of the device. 



-6- 



Appln No. 09/688,452 
Amdt date April 12, 2004 

Reply to Office action of December 12, 2003 

29. (Original) The system of claim 27, wherein the MKS is 
exported to other cryptographic devices by any cryptographic 
device . 

30. (Currently amended) A method for securing data in a 
computer network having a plurality of user terminals, the 
method comprising the steps of: 

storing information about a plurality of users using 
the plurality of terminals in a database remote from the 
plurality of user terminals; 

securing the information about the users in the 
database by one or more of cryptographic devices remote from the 
plurality of user terminals; 

performing value management functions in the one or 
more of the cryptographic devices for one or more of the 
plurality of users; 

storing a plurality of security device transaction 
data, wherein each transaction data is related to one of the 
plurality of users; and 

verifying that a user is authorized to assume a rolej_ 

wherein the cryptographic device is not dedicated to 

specific user terminals . 

31. (Original) The method of claim 30 further comprising 
the step of loading a security device transaction data related 
to a user into one of the one or more of cryptographic devices 
when the user requests to operate on a value bearing item. 
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32. (Original) The method of claim 30 further comprising 
the step of authenticating the identity of each user. 

33. (Original) The method of claim 30 further comprising 
the steps of verifying that the user is authorized to perform a 
corresponding operation based on the assumed role. 

34. (Original) The method of claim 30, wherein the 
assumed role is a security officer role and the corresponding 
command is initiating a key management function. 

35. (Original) The method of claim 30, wherein the 
assumed role is a key custodian role to take possession of 
shares of keys. 

36. (Original) The method of claim 30, wherein the 
assumed role is an administrator role to manage a user access 
control . 

37. (Original) The method of claim 30, wherein the 
assumed role is an auditor role to manage audit logs. 

38. (Original) The method of claim 30, wherein the 
assumed role is a provider role to authorize increasing credit 
for a user account. 
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39. (Original) The method of claim 30, wherein the 
assumed role is a user role to perform expected IBIP postal 
meter operations. 

40. (Original) The method of claim 30, wherein the 
assumed role is a certificate authority role to allow a public 
key certificate to be loaded and verified. 

41. (Original) The method of claim 30, further comprising 
the step of determining a state corresponding to availability of 
one or more commands in conjunction with the roles. 

42. (Original) The method of claim 41, wherein the state 
machine includes one or more of an uninitialized state, an 
initialized state, an operational state, an administrative 
state, an exporting shares state, an importing shares state, and 
an error state. 

43. (Original) The method of claim 30, further comprising 
the step of storing data for creating an indicium, account 
maintenance, and revenue protection. 

44. (Original) The method of claim 30, further comprising 
the step of printing a mail piece. 

45. (Original) The method of claim 44, wherein the mail 
piece includes a digital signature. 
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46. (Original) The method of claim 44, wherein the mail 
piece includes a postage amount. 

47. (Original) The method of claim 44, wherein the mail 
piece includes an ascending register of used postage and 
descending register of available postage. 

48. (Original) The method of claim 30, further comprising 
the step of printing a ticket. 

49. (Original) The method of claim 30, further comprising 
the step of printing a coupon. 

50. (Original) The method of claim 30, wherein the 
security device transaction data includes an ascending register 
value, a descending register value, a respective cryptographic 
device ID, an indicium key certificate serial number, a 
licensing ZIP code, a key token for an indicium signing key, 
user secrets, a key for encrypting user secrets, data and time 
of last transaction, last challenge received from a respective 
client subsystem, an operational state of the respective device, 
expiration dates for keys, and a passphrase repetition list. 

51. (Original) The method of claim 30, further comprising 
the step of using a private key to sign device status responses 
and the VBI which, in conjunction with a public key certificate, 
demonstrates that the device and the VBI are authentic. 
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52. (Original) The method of claim 30, further comprising 
the step of sharing a secret with any of the other devices. 

53. (Original) The method of claim 30, further comprising 
the step of generating a master key set (MKS) . 

54. (Original) The method of claim 53, wherein the step 
of generating the MKS comprises the steps of generating a Master 
Encryption Key (MEK) used to encrypt keys when stored outside 
the device. 

55. (Original) The method of claim 54, further comprising 
the step of generating a Master Authentication Key (MAK) used to 
compute a DES MAC for signing keys when stored outside of the 
device . 

56. (Original) The method of claim 30, further comprising 
the step of performing one or more of Rivest, Shamir and Adleman 
(RSA) public key encryption, DES, Triple-DES, DSA signature, 
SHA-1, and Pseudo-random number generation algorithms by each of 
the cryptographic devices. 

57. (Currently Amended) A cryptographic device for 
securing data on a computer network comprising: 

a processor programmed for authenticating a plurality 
of users on the computer network for secure processing of a 
value bearing item; 
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a memory for storing security device transaction data 
for ensuring authenticity of a user and that the user is 
authorized to assume a role, wherein the security device 
transaction data is related to the one of the plurality of 
users; 

a cryptographic engine for cryptographically 
protecting data; 

means for performing value management functions for a 

user; and 

an interface for communicating with the computer 

network^ 

wherein the cryptographic device is not dedicated to 

particular users on the computer network. 



58. (Original) The cryptographic device of claim 57, 

wherein the processor is programmed to verify that the 

identified user is authorized to perform an operation 
corresponding to an assumed role. 



59. (Original) The cryptographic device of claim 57, 
wherein the assumed role is a key custodian role to take 
possession of shares of keys. 

60. (Original) The cryptographic device of claim 57, 
wherein the assumed role is an administrator role to manages a 
user access control database. 
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61. (Original) The cryptographic device of claim 57, 
wherein the assumed role is a provider role to authorize 
increasing credit for a user account. 

62. (Original) The cryptographic device of claim 57, 
wherein the assumed role is a user role to perform expected IBIP 
postal meter operations. 

63. (Original) The cryptographic device of claim 57 
further comprising a stored secret for cryptographically 
protecting data. 

64. (Original) The cryptographic device of claim 63, 
wherein the secret is a password. 

65. (Original) The cryptographic device of claim 63, 
wherein the secret is a public/private key pair. 

66. (Original) The cryptographic device of claim 57, 
wherein the value bearing item is a postage value including a 
postal indicium. 

67. (Original) The cryptographic device of claim 57, 
wherein the value bearing item is a ticket. 

68. (Original) The cryptographic device of claim 57, 
wherein the value bearing item includes a bar code. 
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